How do I link IP addresses to server configuration files in OpenVPN?
by Jason.nix from LinuxQuestions.org on (#6DCWY)
Hello,
Suppose several IP addresses are set on a NIC and the name of the NIC is eth0. For example, I have set the IP addresses 1.2.3.4, 1.2.3.5 and 1.2.3.6 on eth0.
I want to launch several server configuration files for each IP. For example, for IP 1.2.3.4 I want to launch Server-1.conf, Server-2.conf and Server-3.conf configuration files.
For IP 1.2.3.5, I want to launch Server-4.conf, Server-5.conf and Server-6.conf configuration files and so on.
Each .conf file is as follows:
Code:
port 119X
proto udp
dev tunX
ca ca.crt
cert server.crt
key server.key
dh dh.pem
server IP 255.255.255.0
push "redirect-gateway def1 bypass-dhcp"
push "dhcp-option DNS 1.1.1.1"
push "dhcp-option DNS 8.8.8.8"
keepalive 10 120
tls-auth ta.key 0
data-ciphers AES-256-CBC
user nobody
group nogroup
persist-key
persist-tun
status /var/log/openvpn/openvpn-status.log
log /var/log/openvpn/openvpn.log
log-append /var/log/openvpn/openvpn.log
verb 3
explicit-exit-notify 1
Your iptables rules are:
Code:
# IF_MAIN=eth0
# IF_TUNNEL=tunX
# YOUR_OPENVPN_SUBNET=IP/16
# iptables -I INPUT -p udp --dport 119X -j ACCEPT
# iptables -A FORWARD -i $IF_MAIN -o $IF_TUNNEL -m state --state ESTABLISHED,RELATED -j ACCEPT
# iptables -A FORWARD -s $YOUR_OPENVPN_SUBNET -o $IF_MAIN -j ACCEPT
# iptables -t nat -A POSTROUTING -s $YOUR_OPENVPN_SUBNET -o $IF_MAIN -j MASQUERADE
In the iptables rules I have mentioned the name of the NIC.
How can OpenVPN recognize that the configuration files Server-1.conf, Server-2.conf and Server-3.conf should be for IP address 1.2.3.4?
Should I change the name of the NIC to the IP address?
Thank you.
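OpenVPN's `local` directive binds a server instance to one address, so the NIC does not need renaming. The script below is an added example, not part of the original post: it prints the per-instance config lines and matching iptables commands without running them. The 119N port numbering, tunN devices, 10.8.N.0/24 subnets and per-instance log names are assumptions replacing the post's placeholders.

```shell
#!/bin/sh
# Assumed layout (not from the post): instance N uses UDP port 119N, tunN and
# tunnel subnet 10.8.N.0/24, standing in for "119X", "tunX" and "IP".

# Map an instance number to the address it must bind to (addresses from the post).
ip_for_instance() {
    case "$1" in
        1|2|3) echo 1.2.3.4 ;;
        4|5|6) echo 1.2.3.5 ;;
        7|8|9) echo 1.2.3.6 ;;
        *) echo "unknown instance: $1" >&2; return 1 ;;
    esac
}

# Print the per-instance lines of Server-N.conf. "local" is what ties the
# instance to one address; without it OpenVPN listens on every address.
conf_lines() {
    n=$1
    addr=$(ip_for_instance "$n") || return 1
    printf 'local %s\n' "$addr"
    printf 'port 119%s\n' "$n"
    printf 'proto udp\n'
    printf 'dev tun%s\n' "$n"
    printf 'server 10.8.%s.0 255.255.255.0\n' "$n"
    # Separate files per instance so the status dumps do not overwrite each other.
    printf 'status /var/log/openvpn/openvpn-status-%s.log\n' "$n"
    printf 'log-append /var/log/openvpn/openvpn-%s.log\n' "$n"
}

# Print (not run) the firewall rules for instance N: INPUT is matched on the
# destination address, and SNAT pins outbound client traffic to that address
# instead of leaving the choice of source address to MASQUERADE.
fw_lines() {
    n=$1
    addr=$(ip_for_instance "$n") || return 1
    printf 'iptables -I INPUT -d %s -p udp --dport 119%s -j ACCEPT\n' "$addr" "$n"
    printf 'iptables -A FORWARD -i eth0 -o tun%s -m state --state ESTABLISHED,RELATED -j ACCEPT\n' "$n"
    printf 'iptables -A FORWARD -s 10.8.%s.0/24 -o eth0 -j ACCEPT\n' "$n"
    printf 'iptables -t nat -A POSTROUTING -s 10.8.%s.0/24 -o eth0 -j SNAT --to-source %s\n' "$n" "$addr"
}

# Show the result for the six instances named in the post.
for n in 1 2 3 4 5 6; do
    echo "# Server-$n.conf"; conf_lines "$n"
    echo "# firewall for Server-$n.conf"; fw_lines "$n"
done
```

The remaining directives (ca, cert, key, tls-auth and so on) stay the same in every file; only the lines printed here differ per instance.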